Hacker Vandalizes Microsoft Site

There are reports that a previously unknown vulnerability in Microsoft's Internet Information Services (IIS) 6.0 server software may have been used to hack a Microsoft France Web site.

June 19, 2006

1 Min Read
Network Computing logo

A Microsoft France Web site defaced Sunday was not hacked through a software vulnerability, a company said Monday, but was breached because of a mis-configured server.

The Microsoft site -- experts.microsoft.fr -- was defaced with messages including "HACK!" and "Your System OwNed By Turkish Hackers!" As of late Monday, the site was still unavailable.

Although the SANS Institute's Internet Storm Center tentatively tied the defacement to rumors of a zero-day exploit against Microsoft's Internet Information Services (IIS) 6.0 server software, a company spokesperson said different.

"Microsoft's initial investigation points to a mis-configuration of a web server at a third party hosting facility as the most likely cause of the compromise," he said in an e-mail to TechWeb.

The spokesperson also said that when the company had more information, it would be posted to the Microsoft Security Response Center (MSRC) blog.According to the attack and defacement database maintained by Zone-H, the Microsoft France hack was done by an individual or group identified as "TitHacK," who/which has been credited with nearly 1,600 site defacements, most of them on Windows-based servers.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights